From chalpin@cs.wisc.edu  Fri May 14 16:40:55 2010
Return-Path: <chalpin@cs.wisc.edu>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id E76191065678
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 14 May 2010 16:40:55 +0000 (UTC)
	(envelope-from chalpin@cs.wisc.edu)
Received: from sabe.cs.wisc.edu (sabe.cs.wisc.edu [128.105.6.20])
	by mx1.freebsd.org (Postfix) with ESMTP id B1ABF8FC1F
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 14 May 2010 16:40:55 +0000 (UTC)
Received: from spiff.home.crhalpin.org (eagleheights-105-18.resnet.wisc.edu [146.151.105.18])
	(authenticated bits=0)
	by sabe.cs.wisc.edu (8.14.1/8.14.1) with ESMTP id o4EGesW9030629
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO)
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 14 May 2010 11:40:54 -0500
Received: by spiff.home.crhalpin.org (Postfix, from userid 1001)
	id 264041CC3B; Fri, 14 May 2010 11:40:49 -0500 (CDT)
Message-Id: <20100514164049.264041CC3B@spiff.home.crhalpin.org>
Date: Fri, 14 May 2010 11:40:49 -0500 (CDT)
From: Corey Halpin <chalpin@cs.wisc.edu>
Reply-To: Corey Halpin <chalpin+d+1274287068.41b742@cs.wisc.edu>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: mail/fetchmail -- new upstream version
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         146589
>Category:       ports
>Synopsis:       mail/fetchmail -- new upstream version
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    miwi
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          maintainer-update
>Submitter-Id:   current-users
>Arrival-Date:   Fri May 14 16:50:04 UTC 2010
>Closed-Date:    Sat May 22 04:36:42 UTC 2010
>Last-Modified:  Sat May 22 04:40:03 UTC 2010
>Originator:     Corey Halpin
>Release:        FreeBSD 8.0-RELEASE-p2 i386
>Organization:
>Environment:
System: FreeBSD spiff.home.crhalpin.org 8.0-RELEASE-p2 FreeBSD 8.0-RELEASE-p2 #0: Tue Jan 5 16:02:27 UTC 2010 root@i386-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC i386


	
>Description:
	NA
>How-To-Repeat:
	NA
>Fix:

  NOTE: files/patch-CVE-2010-1167 should be removed by this patch -- upstream
has incorporated it.

diff -ruN /usr/ports/mail/fetchmail/Makefile fetchmail/Makefile
--- /usr/ports/mail/fetchmail/Makefile	2010-04-22 14:13:24.000000000 -0500
+++ fetchmail/Makefile	2010-05-14 11:36:09.000000000 -0500
@@ -10,8 +10,7 @@
 # want fetchmailconf to work, define WITH_X11
 
 PORTNAME=	fetchmail
-PORTVERSION=	6.3.16
-PORTREVISION=	1
+PORTVERSION=	6.3.17
 CATEGORIES=	mail ipv6
 MASTER_SITES=	${MASTER_SITE_BERLIOS} \
 		http://mandree.home.pages.de/fetchmail/:ma \
diff -ruN /usr/ports/mail/fetchmail/distinfo fetchmail/distinfo
--- /usr/ports/mail/fetchmail/distinfo	2010-04-07 13:20:20.000000000 -0500
+++ fetchmail/distinfo	2010-05-14 11:21:31.000000000 -0500
@@ -1,3 +1,3 @@
-MD5 (fetchmail-6.3.16.tar.bz2) = 1a40acb371376c7d54fe468c99dfc216
-SHA256 (fetchmail-6.3.16.tar.bz2) = 2e316c8ebef47e1266217e5f0e1aa453707f19cf8ddbfacfcbc9eab101757d86
-SIZE (fetchmail-6.3.16.tar.bz2) = 1628808
+MD5 (fetchmail-6.3.17.tar.bz2) = 7b1d449ecddb6164e22c32854adc4a75
+SHA256 (fetchmail-6.3.17.tar.bz2) = d7a01ceac184c7ebde9a42982e310beec467deb5b3d05c4e413e48cd2619ca24
+SIZE (fetchmail-6.3.17.tar.bz2) = 1642598
diff -ruN /usr/ports/mail/fetchmail/files/patch-CVE-2010-1167 fetchmail/files/patch-CVE-2010-1167
--- /usr/ports/mail/fetchmail/files/patch-CVE-2010-1167	2010-04-22 14:13:24.000000000 -0500
+++ fetchmail/files/patch-CVE-2010-1167	1969-12-31 18:00:00.000000000 -0600
@@ -1,102 +0,0 @@
-commit ec06293134b85876f9201d8a52b844c41581b2b3
-Author: Matthias Andree <matthias.andree@gmx.de>
-Date:   Sun Apr 18 18:01:38 2010 +0200
-
-    SECURITY FIX: DoS on EILSEQ in report_*() in -vv and multibyte-locales.
-
-diff --git a/rfc822.c b/rfc822.c
-index 6f2dbf3..dbcda32 100644
---- a/rfc822.c
-+++ b/rfc822.c
-@@ -25,6 +25,7 @@ MIT license.  Compile with -DMAIN to build the demonstrator.
- #include  <stdlib.h>
- 
- #include "fetchmail.h"
-+#include "sdump.h"
- 
- #ifndef MAIN
- #include "i18n.h"
-@@ -74,9 +75,10 @@ char *reply_hack(
-     }
- 
- #ifndef MAIN
--    if (outlevel >= O_DEBUG)
--	report_build(stdout, GT_("About to rewrite %.*s...\n"),
--			(int)BEFORE_EOL(buf), buf);
-+    if (outlevel >= O_DEBUG) {
-+	report_build(stdout, GT_("About to rewrite %s...\n"), (cp = sdump(buf, BEFORE_EOL(buf))));
-+	xfree(cp);
-+    }
- 
-     /* make room to hack the address; buf must be malloced */
-     for (cp = buf; *cp; cp++)
-@@ -211,9 +213,12 @@ char *reply_hack(
-     }
- 
- #ifndef MAIN
--    if (outlevel >= O_DEBUG)
--	report_complete(stdout, GT_("...rewritten version is %.*s.\n"),
--			(int)BEFORE_EOL(buf), buf);
-+    if (outlevel >= O_DEBUG) {
-+	report_complete(stdout, GT_("...rewritten version is %s.\n"),
-+			(cp = sdump(buf, BEFORE_EOL(buf))));
-+	xfree(cp)
-+    }
-+
- #endif /* MAIN */
-     *length = strlen(buf);
-     return(buf);
-diff --git a/uid.c b/uid.c
-index fdc6f5d..d813bee 100644
---- a/uid.c
-+++ b/uid.c
-@@ -20,6 +20,7 @@
- 
- #include "fetchmail.h"
- #include "i18n.h"
-+#include "sdump.h"
- 
- /*
-  * Machinery for handling UID lists live here.  This is mainly to support
-@@ -260,8 +261,11 @@ void initialize_saved_lists(struct query *hostlist, const char *idfile)
- 	if (uidlcount)
- 	{
- 	    report_build(stdout, GT_("Scratch list of UIDs:"));
--	    for (idp = scratchlist; idp; idp = idp->next)
--		report_build(stdout, " %s", idp->id);
-+	    for (idp = scratchlist; idp; idp = idp->next) {
-+		char *t = sdump(idp->id, strlen(idp->id));
-+		report_build(stdout, " %s", t);
-+		free(t);
-+	    }
- 	    if (!idp)
- 		report_build(stdout, GT_(" <empty>"));
- 	    report_complete(stdout, "\n");
-@@ -517,8 +521,11 @@ void uid_swap_lists(struct query *ctl)
- 	    report_build(stdout, GT_("Merged UID list from %s:"), ctl->server.pollname);
- 	else
- 	    report_build(stdout, GT_("New UID list from %s:"), ctl->server.pollname);
--	for (idp = dofastuidl ? ctl->oldsaved : ctl->newsaved; idp; idp = idp->next)
--	    report_build(stdout, " %s = %d", idp->id, idp->val.status.mark);
-+	for (idp = dofastuidl ? ctl->oldsaved : ctl->newsaved; idp; idp = idp->next) {
-+	    char *t = sdump(idp->id, strlen(idp->id));
-+	    report_build(stdout, " %s = %d", t, idp->val.status.mark);
-+	    free(t);
-+        }
- 	if (!idp)
- 	    report_build(stdout, GT_(" <empty>"));
- 	report_complete(stdout, "\n");
-@@ -567,8 +574,11 @@ void uid_discard_new_list(struct query *ctl)
- 	/* this is now a merged list! the mails which were seen in this
- 	 * poll are marked here. */
- 	report_build(stdout, GT_("Merged UID list from %s:"), ctl->server.pollname);
--	for (idp = ctl->oldsaved; idp; idp = idp->next)
--	    report_build(stdout, " %s = %d", idp->id, idp->val.status.mark);
-+	for (idp = ctl->oldsaved; idp; idp = idp->next) {
-+	    char *t = sdump(idp->id, strlen(idp->id));
-+	    report_build(stdout, " %s = %d", t, idp->val.status.mark);
-+	    free(t);
-+	}
- 	if (!idp)
- 	    report_build(stdout, GT_(" <empty>"));
- 	report_complete(stdout, "\n");
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-ports-bugs->miwi 
Responsible-Changed-By: miwi 
Responsible-Changed-When: Sat May 15 10:20:07 UTC 2010 
Responsible-Changed-Why:  
I'll take it. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=146589 
State-Changed-From-To: open->closed 
State-Changed-By: miwi 
State-Changed-When: Sat May 22 04:36:41 UTC 2010 
State-Changed-Why:  
Committed. Thanks! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=146589 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: ports/146589: commit references a PR
Date: Sat, 22 May 2010 04:36:39 +0000 (UTC)

 miwi        2010-05-22 04:36:31 UTC
 
   FreeBSD ports repository
 
   Modified files:
     mail/fetchmail       Makefile distinfo 
   Removed files:
     mail/fetchmail/files patch-CVE-2010-1167 
   Log:
   - Update to 6.3.17
   
   PR:             146589
   Submitted by:   Corey Halpin <chalpin@cs.wisc.edu> (maintainer)
   
   Revision  Changes    Path
   1.209     +1 -2      ports/mail/fetchmail/Makefile
   1.136     +3 -3      ports/mail/fetchmail/distinfo
   1.2       +0 -102    ports/mail/fetchmail/files/patch-CVE-2010-1167 (dead)
 _______________________________________________
 cvs-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/cvs-all
 To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
 
>Unformatted:
